nuffsec/threatintel

Dedicated IOC database focused on threat actor infrastructure based in Russia⚰️ and Belarus🥔 (RU/BY), providing up-to-date information on C2 and malware distribution servers for all interested parties.

Columns: First seen, IOC, Malware, Country, Tags